Went to a public library and attempted to connect my VPN on their open public WiFi connection. Was unable to and asked them for assistance.
They said that their network is old and that they do not allow VPNs and that its probably unable to have a VPN connection. They also said I have to agree to have a open connection.
Is that true? Is it possible to block a VPN in USA like that?
They said that their network is old and that they do not allow VPNs and that its probably unable to have a VPN connection.
Heh, they could have not been telling the whole truth here. Point is, they do not want VPN connections. They want to keep track of what their network users are doing.
Is that true? Is it possible to block a VPN in USA like that?
Yes, it’s very true. And yes, it’s very possible to block a VPN anywhere like that. It’s their network, it’s their TOS (terms of service) which you clicked on before using the network. Next time … read the TOS.
There are ways of using your VPN. The most common one is using Port 443 (the https port). If their firewall is very strict, there are other things you can do.
I’ve came across this in hotel wifi
Try a different port.
Try using TCP instead of UDP. Sometimes they’ll block UDP for whatever reason
Yes it’s very possible.
It is very difficult and costly to prevent someone who knows what they are doing from using a VPN. I highly doubt any public library has the resources to do it. You can even make what appears to be an ordinary website, right down to its SSL certificate, actually be a VPN.
Easy workarounds are changing port to TCP 443 or if you control the server to TCP 80, UDP 53, TCP 53, TCP 25. There are many, many other methods too.
I think you’re looking at this the wrong way.
Your library is offering a PUBLIC Internet connection. This is not a utility. They have the right to dictate what you can and cannot do on their connection, and can filter your traffic accordingly.
A network cannot be “too old” for a VPN to work. So long as traffic can pass, a VPN tunnel can be established - unless, of course, they are blocking common VPN ports, blacklisting VPN services, or packet filtering and rejecting IPsec traffic.
They could also be throttling UDP streams to break certain protocols they don’t want in use (ie: IPsec).
Since the library isn’t providing you a private, personal Internet connection, they don’t have to provide you an unfiltered connection. The only issue that could arise is if they were blocking sites or services based on legally-hosted content. Your public library is taxpayer funded, so while they can block technologies they don’t want running on their network in a content-agnostic way, they cannot block sites they don’t want their users viewing based on political content or otherwise, as that would be a first amendment violation.
The arguments you need here are:
I think you’ll find that you cannot answer those questions in a way that would convince a library that you require access to the VPN, unless you’re the only person besides me in this sub who recognizes that a VPN isn’t a privacy tool, and you need access to your protected servers and network devices that are only accessible behind the other end of a IPsec tunnel.
Their Wi-Fi, their rules. They can do what they want.
If you want to use your VPN still, switch to port 80, or 443.
This is common in a lot of hotspots. They only allow TCP and port 80/443 so configure your VPN to TCP on either of those ports. Easy to get around.
VPN over Websockets should workaround them all
Legitimately, what state are you in? I work for my state’s library agency and will tell you that this is a lack of privacy. We uphold each patron’s right to anonymity.
Well Netflix won’t Comcast won’t I think I was somewhere and couldn’t connect also, I wonder if the wireless community (what ever they are) stop service by blocking VPN’s, now that is worrisome, and waist of money.
just a though
Oh yeah because everyone is reading the terms of service to shit 
not to say you’re wrong, but you sound like a douche telling someone to read the TOS as if it’s not the norm to just skip over all that.
Hi there. I need to understand this.
what do you mean a different port?
Also , i thought that on your firewall you can set up rules to either allow or permit VPN connections, is this true ?
Thanks. Will try. Did not think of that.
always change DNS to your own
they block protocols, however l2tp is workaround 60% of time
Great questions. And very helpful information.
I would like to use a VPN so when I access email I am less worried about my password being stolen and such.
sunny California. Only library I have ever had this issue at.